Doorkeeper

Becks Japan #1

Tue, 19 Feb 2019 19:00 - 23:00

LINE Corporation Shinjuku Miraina Tower Office, LINE Cafe, 23th floor

Tokyo, Shinjuku-ku, Shinjuku 4-1-6 JR Miraina Tower 23rd floor

Register

Registration is closed

Get invited to future events

Free admission
Reception on 5th floor, please take escalators to 5th floor.

Description

Becks Japan #1

First edition of Becks in Japan. Talks by Orange (Taiwan), GrayLab's jz (Korea), and mala (Japan)

Twitter Hashtag : #becks_jp

Featured talks (see below for details):

  1. Hacking Jenkins! by Orange
  2. Dissecting professional APT team's spear tip by jz (Heungsoo Kang from GrayLab)
  3. The Evolution of Alert & Notification System by mala

Schedule

  • 18:50 Open
  • 19:20 Welcoming words (10min)
  • 19:30 Hacking Jenkins! by Orange (50min)
  • 20:20 Break
  • 20:30 Dissecting professional APT team's spear tip by jz (30min)
  • 21:00 The Evolution of Alert & Notification System by mala (30min)
  • 21:30 Social event (with beers!)
  • 23:00 End

Talk details:

1. Hacking Jenkins! by Orange

  • Abstract: Part of contents is here:
  • Profile: Cheng-Da Tsai, also as known as Orange Tsai, is member of DEVCORE and CHROOT from Taiwan. He has spoken at conferences such as Black Hat USA/ASIA, DEF CON, HITCON, HITB, CODEBLUE and WooYun. He participates in numerous Capture-the-Flags (CTF), and won 2nd place in DEF CON 22/25 as team member of HITCON. Currently, he is focusing on application security and 0day research. Orange enjoys finding vulnerabilities and participating in Bug Bounty Programs. He is enthusiastic about Remote Code Execution (RCE), and uncovered RCEs in several vendors, such as Facebook, Uber, Apple, GitHub, Amazon, Yahoo and Imgur.
  • Language: English (with Japanese translation)

2. Dissecting professional APT team's spear tip by jz (Heungsoo Kang from GrayLab)

  • Abstract: A bunch of spear phishing mails arrived in LINE employees' mailbox along other companies'. The very tip of this spear starts from Excel file containing obfuscated VBS, flows on with steganography, obfuscated powerscript, in-memory C# and downloader DLL. It contains various tricks to avoid detection. This talk will cover deobfuscation and reverse engineering of binary modules, how they avoid detection and cut off analysts.
  • Profile: As a member of GrayLab security team in LINE, I'm working to make LINE's services and infrastructure safe. My professional experience includes malware/APT analysis, AV engine dev, x86 obfuscater, backend malware analysis system, 0day/exploit writing, red-teaming.
  • Language: English (with Japanese translation)

3. The Evolution of Alert & Notification System by mala

  • Abstract: I'll talk about my own notification system. Phone, email, and LINE. Modern people are very tired of many notifications. Too much notifications will lose sight of what matters. In order to respond to notifications, sleep becomes shallow and impairs health. Finally, I started shooting electric shocks to my body since July 2018.
  • Profile: I'm just a web engineer and my job at LINE is Risk management, Application Security, Development support etc. As my own independent work, I've reported lots of security or privacy related issues to many companies and softwares. (ex: this service also https://www.doorkeeper.jp/responsible_disclosure )
  • Language: Japanese (with English translation)

About this community

Becks

Becks

Beer and Hacks A community of hackers, security researchers, and anyone interested in security. (almost) Monthly meetups in Tokyo featuring top security researchers, practitioners, and beers from ...

Join community